package org.hq.service;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;

/**
 * security配置类
 */
@Configuration
@EnableAuthorizationServer
public class WebSecurityConfig extends AuthorizationServerConfigurerAdapter {
    //2.授权服务端点配置(授权码，令牌)

    //@Autowired
    private AuthenticationManager authenticationManager ;
    @Autowired
    private ClientDetailsService clientDetailsService;
    @Autowired
    private UserDetailsService userDetailsService;
    @Autowired
    private AuthorizationCodeServices authorizationCodeServices;
    @Autowired
    private AuthorizationServerTokenServices tokenService;





    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
    }

    /**
     *
     * 客户端配置
     * @param clients
     * @throws Exception
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        String passwrd = new BCryptPasswordEncoder().encode("1813033378");

        clients.inMemory()//内存方式
        .withClient("c1")
                .secret(passwrd)//客户端密钥
                .resourceIds("order")//客户端拥有资源列表
                .authorizedGrantTypes("authorization_code","password","client_credentials", "refresh_token")
                .secret("all")// 允许授权范围
                .autoApprove(false)//跳转到授权页面
                //回调地址
                .redirectUris("http://www.baidu.com");
                //super.configure(clients);




    }

    /**
     * 服务端点配置
     * @param endpoints
     * @throws Exception
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
                //服务端点映射
                .pathMapping("/oauth/config_access","/customer/config_access")

                //1.密码授权模式需要 密码模式，需要认证管理器
                .authenticationManager(authenticationManager)

                //用户信息
                .userDetailsService(userDetailsService)

                //2.授权码模式服务
                .authorizationCodeServices(authorizationCodeServices)
                //3.配置令牌管理服务
                .tokenServices(tokenService)
                //允许post方式请求
                .allowedTokenEndpointRequestMethods(HttpMethod.POST);

    }
}